in src/crypto.js [65:75]
export async function verifyHmac(keyBytes, signature, message) {
const key = await crypto.subtle.importKey('raw', keyBytes, {
hash: { name: 'SHA-256' },
name: 'HMAC',
}, false, ['verify']);
if (! await crypto.subtle.verify({ name: 'HMAC' }, key, signature, message)) {
// Yes, we really do throw 'decrypt_error' when failing to verify a HMAC,
// and a 'bad_record_mac' error when failing to decrypt.
throw new TLSError(ALERT_DESCRIPTION.DECRYPT_ERROR);
}
}